Chromium Code Reviews Chromium Code Reviews
Issue 9909019:
Add schema chrome-extension-resource:// for extension resources (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_content_renderer_client.h" | 5 #include "chrome/renderer/chrome_content_renderer_client.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 207 | 207 |
| 208 // chrome:, and chrome-extension: resources shouldn't trigger insecure | 208 // chrome:, and chrome-extension: resources shouldn't trigger insecure |
| 209 // content warnings. | 209 // content warnings. |
| 210 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme); | 210 WebSecurityPolicy::registerURLSchemeAsSecure(chrome_ui_scheme); |
| 211 | 211 |
| 212 WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme)); | 212 WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme)); |
| 213 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme); | 213 WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme); |
| 214 | 214 |
| 215 // chrome-extension: resources should be allowed to receive CORS requests. | 215 // chrome-extension: resources should be allowed to receive CORS requests. |
| 216 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme); | 216 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_scheme); |
| 217 | |
| 218 WebString extension_resource_scheme( | |
| 219 ASCIIToUTF16(chrome::kExtensionResourceScheme)); | |
| 220 WebSecurityPolicy::registerURLSchemeAsSecure(extension_resource_scheme); | |
| 221 | |
| 222 // chrome-extension-resource: resources should be allowed to receive CORS | |
| 223 // requests. | |
| 224 WebSecurityPolicy::registerURLSchemeAsCORSEnabled(extension_resource_scheme); | |
| 217 } | 225 } |
| 218 | 226 |
| 219 void ChromeContentRendererClient::RenderViewCreated( | 227 void ChromeContentRendererClient::RenderViewCreated( |
| 220 content::RenderView* render_view) { | 228 content::RenderView* render_view) { |
| 221 ContentSettingsObserver* content_settings = | 229 ContentSettingsObserver* content_settings = |
| 222 new ContentSettingsObserver(render_view); | 230 new ContentSettingsObserver(render_view); |
| 223 if (chrome_observer_.get()) { | 231 if (chrome_observer_.get()) { |
| 224 content_settings->SetContentSettingRules( | 232 content_settings->SetContentSettingRules( |
| 225 chrome_observer_->content_setting_rules()); | 233 chrome_observer_->content_setting_rules()); |
| 226 } | 234 } |
| (...skipping 469 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 696 if (is_extension_url != extension_dispatcher_->is_extension_process()) | 704 if (is_extension_url != extension_dispatcher_->is_extension_process()) |
| 697 return true; | 705 return true; |
| 698 } | 706 } |
| 699 | 707 |
| 700 return false; | 708 return false; |
| 701 } | 709 } |
| 702 | 710 |
| 703 bool ChromeContentRendererClient::WillSendRequest(WebKit::WebFrame* frame, | 711 bool ChromeContentRendererClient::WillSendRequest(WebKit::WebFrame* frame, |
| 704 const GURL& url, | 712 const GURL& url, |
| 705 GURL* new_url) { | 713 GURL* new_url) { |
| 706 // If the request is for an extension resource, check whether it should be | 714 // Check whether the request should be allowed. If not allowed, we reset the |
| 707 // allowed. If not allowed, we reset the URL to something invalid to prevent | 715 // URL to something invalid to prevent the request and cause an error. |
| 708 // the request and cause an error. | 716 if (!ExtensionResourceRequestPolicy::CanRequestResource( |
| 709 if (url.SchemeIs(chrome::kExtensionScheme) && | |
| 710 !ExtensionResourceRequestPolicy::CanRequestResource( | |
|
abarth-chromium
2012/04/13 17:11:24
This check is also important for security. Can yo
Peng
2012/04/17 13:52:05
I think it need add browser some tests for it. Wor
| |
| 711 url, | 717 url, |
| 712 frame, | 718 frame, |
| 713 extension_dispatcher_->extensions())) { | 719 extension_dispatcher_->extensions())) { |
| 714 *new_url = GURL("chrome-extension://invalid/"); | 720 *new_url = GURL("chrome-extension://invalid/"); |
| 715 return true; | 721 return true; |
| 716 } | 722 } |
| 717 | 723 |
| 718 return false; | 724 return false; |
| 719 } | 725 } |
| 720 | 726 |
| (...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 859 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() { | 865 bool ChromeContentRendererClient::IsOtherExtensionWithWebRequestInstalled() { |
| 860 return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled(); | 866 return extension_dispatcher_->IsOtherExtensionWithWebRequestInstalled(); |
| 861 } | 867 } |
| 862 | 868 |
| 863 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( | 869 void ChromeContentRendererClient::RegisterPPAPIInterfaceFactories( |
| 864 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { | 870 webkit::ppapi::PpapiInterfaceFactoryManager* factory_manager) { |
| 865 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); | 871 factory_manager->RegisterFactory(ChromePPAPIInterfaceFactory); |
| 866 } | 872 } |
| 867 | 873 |
| 868 } // namespace chrome | 874 } // namespace chrome |
| OLD | NEW |
